Reddit has been fined nearly $20 million by the UK’s data privacy authority for mishandling children’s personal data. The Information Commissioner’s Office (ICO) announced the penalty of 14.5 million pounds, highlighting significant lapses in data protection measures for minors.
Unlawful Data Use of Children’s Information
The ICO determined that Reddit’s practices led to the illegal usage of personal information belonging to children under 13. These minors were reportedly exposed to unsuitable content, which they could neither comprehend nor consent to. Information Commissioner John Edwards emphasized the gravity of the situation, labeling the violations as unacceptable and justifying the hefty fine.
Escalating Regulatory Scrutiny
This action is part of a broader effort by the UK privacy regulator to enhance child safety on digital platforms. The ICO has been intensifying its examination of various online services, including a recent penalty imposed on Imgur’s parent company, MediaLab, and ongoing investigations into TikTok.
Reddit’s age verification processes were particularly scrutinized. Although the platform officially prohibits users under 13, it lacked effective mechanisms to enforce this rule until mid-2025. Edwards highlighted the necessity for platforms to adopt robust age assurance measures to safeguard young users.
Reddit’s Response and Future Outlook
In response, Reddit introduced age verification protocols in July 2025, requiring users to state their age during account creation to access mature content. However, the ICO criticized these measures as insufficient, noting that self-declared ages can be easily falsified. The regulator plans to continue monitoring Reddit’s data handling practices.
Reddit announced its intention to contest the ICO’s decision, arguing that the requirement to collect extensive user information contradicts its commitment to privacy. The company maintains that user safety and anonymity remain central to its operations.
This development underscores the increasing pressure on digital platforms to align with stringent data protection standards, particularly concerning young users. As the regulatory landscape evolves, companies may need to implement more rigorous measures to ensure compliance and protect user data effectively.
